Social Media as a Cyber Warfare Gamechanger

September of 2012 will live on in infamy for a large number of people. It was the month of the massive riots by Islamic extremists who, incited by the ever present radical imams, stormed several US embassies, allegedly over a months-old, poorly crafted Youtube video that ironically decried the violence of Islam. Most notable of which were the embassies of Egypt and Libya, where four Americans lost their lives; one of which was an American ambassador. Riots and demonstrations followed all over the globe for about a week. I say allegedly because a closer scrutiny of what happened will tell you an entirely different story.

Stoking an InsurgencyIt´s not the first time that something seemingly innocuous gets blown out of proportion by religious extremists with their own agenda; some of you may recall the Mohammed cartoon riots or pick any of the incidents listed in the article by Michelle Malkin who goes into this a lot more eloquently than I ever could. Regardless, my point is that there is a lot more to this Innocence of Muslims riot than meets the eye, as the ever well-informed good people of Sofrep.com will tell you. They have a lotmoreinformationthanwhatyou are likely to have seen in the press. The cliff notes are quite simple and a lot more easily explained than what the press is force-feeding us:

Trained soldiers executed a coordinated attack on multiple US embassies at the same time. These so-called ´rioters´ were carrying RPG´s with them. You know, as you do when out shopping on a summer day in Benghazi. Not only was this not a spontaneous event, but chatter about this meticulously planned attack was picked up by various intelligence agencies beforehand and people in Washington are now falling over each other on who to blame for this failure to act to the imminent threat. This did not, however, stop some deviously clever people from using the Innocence of Muslims video, which by that time had been on Youtube for 6+ months without anyone noticing, as a clever ruse to further fan the anti-American flames. Did I mention that all of this happened on the very significant anniversary of 9/11?

The Facebook Riots
On a much smaller scale, on Friday the 21st of September the small Dutch town of Haren came under siege by thousands of youths looking to party, who swarmed the town after one girl accidentally published an invitation to her Sweet Sixteen birthday party on Facebook to the entire world. Resulting in what is now referred to in the Netherlands as the “Facebook Riots”, a few ´friends´ of the girl decided it would be fun to relive the movie Project X and started spreading the word. Things escalated and swiftly got out of hand, requiring the riot police to act. When the smoke cleared the following morning it became clear that the rioting youths had caused damages of several million euro´s. Ever since this phenomenon took hold, attempts at recreating the carnage (Dutch link) have been springing up all over the country (Dutch link), keeping local government and police on their toes.

Tallinn´s Bronze Night
Let’s go back to Estonia in 2007: The local government in Tallinn relocates an elaborate Soviet-era grave marker of a Bronze Soldier, as well as some war graves, to a more out of the way location. What followed was two solid days of rioting (now referred to as Bronze Night or the April Unrest) and, better known in cyber security circles, the massive cyber-attacks against the Estonian parliament, banks, ministries, newspapers and broadcasters. While no real proof has been found to directly implicate the Kremlin in backing the riots or the cyber-attacks, it has since been believed to be true regardless and on March 10th 2009 a commissar of the Kremlin-backed youth group Nashi claimed responsibility.

The Innocence of Muslims riots, the Haren Facebook Riots and the April Unrest disconcertingly share a common factor: All three were incited and coordinated through the internet. The only real difference is the level of sophistication: Tallinn´s Bronze Night was more or less coordinated through various internet fora and both the Innocence of Muslims riots and the Haren Facebook riots were incited, spread and coordinated through Social Media sites Youtube, Facebook and Twitter.

The reason that I now write this piece is because I fear that this level of social manipulation can be readily adopted by foreign powers to foment troubles well outside of their own national borders. In the case of the April Unrest in Tallinn, the rioting and the cyber-attacks were all done through allegedly Kremlin-owned “assets” such as Nashi. Of course I can offer no empirical evidence to validate my fear, but I would argue that the other two cases prove you don´t need such assets to get the same results. Especially the Haren case shows that massive local damage can be done through exploiting the set of social phenomena that Social Media create and that we have barely begun to discover. It seems to me that it is only a matter of time before these social phenomena are actively exploited by those groups that are specifically suited and knowledgeable in these tactics such as Anonymous or 4Chan.

To me, indeed these phenomena feel like a weapon custom made for them. Think of it as a gross escalation of Swatting and you will understand why governments need to get a grip on this before it undermines their authority. If done right, I have no doubt that successfully re-creating the Haren case is almost as easy and almost as swiftly arranged. And these are just the groups that generally only have mischief on their mind. Can you imagine the damage that can be done this way by someone with truly malicious intentions and absolutely none of its own assets at risk? Some creative type with a long exposure to really unconventional warfare getting his cues from a government with a score to settle, and deep pockets to fund the whole thing? It’s a scary thought. If used properly, Social Media might very well be the most refined weapon for asymmetric warfare to date.

About the author:Don Eijndhoven has a Bachelors’ degree in Computer Science (System & Network Engineering) with a Minor in Information Security from the Hogeschool van Amsterdam, The Netherlands and is currently pursuing an MBA in Business & IT at Nyenrode Business University. Among a long list of professional certifications he holds are the titles CISSP, C|EH, MCITPro and MCSE 2003: Security. He has over a decade of professional experience in designing and securing IT infrastructures.

He is the Founder and CEO of Argent Consulting, a Dutch firm that offers full spectrum consulting and educational services in Cyber Security, Intelligence and Warfare. Heregularly speaks at security conferences on Cyber-related subjects, occasionally works for CSFI and blogs for several tech-focused websites about the state of Cyber Security. He is a founding member of Netherlands Cyber Doctrine Institute (NCDI), a Dutch foundation that aims to support the Dutch Ministry of Defense in writing proper Cyber Doctrine, and the founder of the Dutch Cyber Warfare Community group on LinkedIn.

Using social media as tool for information warfare is not a new idea or not even less little utilized. So on that angle, I believe utilizing such capabilities and that being efficient, it allows even more directed approaches to be created while diversity of resources in various areas can be called upon with quite little amount of workload.

Howerver, in context of this article, I did not find how in directly 'SOME' could be used as cyber warfare game changer, though a important tool in information superiority in selected battlefield, yes.

1350323961

Don Eijndhoven
Ah well, maybe gamechanger is overstating it a bit. I guess it depends on how you look at it. That it isn't new is something we agree on, hence the reference to the events in Estonia in 2007, although its very possible that earlier examples exist.

My main point was that it should be possible to at least lock up a country's emergency services through clever use of social media, and that this could be used in the context of cyber warfare.

Then its a different thing how it is accomplished. Maybe with a narrow scope it could be well possible.

However, it does not fit too well in 'cyberwar' directly without influence against critical infrastructure, whereas a some of the services withing emergency scope could be counted - loosely at least. To fit in, something should be either compromized or destroyed, in kinetic world, in major information asset or make impossible to 'administer' country.

1350334837

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.